cannot verify .sig

Ingo Klöcker kloecker at kde.org
Sun Nov 8 16:57:53 CET 2020


On Samstag, 7. November 2020 18:55:58 CET pavel hora via Gnupg-users wrote:
> Hi,
> I would like to use GPG to verify installation files (True Crypt this time
> to be specific) that come with a signature .sig and PGP public key .asc. I
> have installed GPG 4 Win 3.1.13.
> I have imported the public key. I have tried to verify the .exe with .sig,
> but Kleopatra tells me the public key is not certified, so I try to certify
> it myself, but I need my own key pair for that. So I try to build it, only
> it ends with error, because "No agent running". Now I assume that these
> issues happen because I prevent Kleopatra or GPG from accessing the net,
> but then again, why should it do so for the tasks specified above? I have
> used PGP in the past, long time ago, and it was always offline. So my
> question is - can I still use GPG to check the signature of the file, pls?
> And perhaps, why does GPG so desire the net access for my tasks?

GnuPG consists of several applications (e.g. gpg as frontend called by 
Kleopatra and gpg-agent as backend) that talk to each other. I'm not sure 
whether this communication requires local network connections on Windows. On 
Linux it's done via socket connections. Anyway, maybe blocking network access 
also blocks the local communication between gpg and gpg-agent. You may have to 
allow local network access for gpg.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20201108/41d52a13/attachment-0001.sig>


More information about the Gnupg-users mailing list